Every version of the Microsoft Windows operating system, going back 20 years, is at risk from a number of security weaknesses detected by a Chinese researcher, according to the International Business Times.The critical security flaw in the Windows OS, dubbed BadTunnel, could enable attackers to put in place man-in-the-middle attacks that would allow them to siphon and decrypt traffic being transmitted between devices and servers.The researcher, Yang Yu, earned a $50,000 bug bounty for his discovery, which can enable miscreants to initiate NetBIOS spoofing across networks. This enables hackers to bypass firewalls and network address translation (NAT) devices and connect with a target's network traffic – without having to be on the victim's network. Previously, hackers needed to first penetrate into a network.A patch was issued as part of the June 14 Patch Tuesday. However, those still using Windows XP are advised to disable NetBIOS over TCP/IP.
Incident Response, Network Security, Patch/Configuration Management, TDR, Vulnerability Management
BadTunnel flaw affects every Windows OS
An In-Depth Guide to Network Security
Get essential knowledge and practical strategies to fortify your network security.
Related Events
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
You can skip this ad in 5 seconds



